user avatar

Information Systems Security Officer (ISSO), Mid

Tyto Athene, LLC

Posted today

Job Requirements

Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
$105,000 - $120,000

Job Description

Tyto Athene is seeking a Information Systems Security Officer (ISSO), Mid to support a federal customer in Washington, DC We are looking for a highly organized, proactive, and customer-focused cybersecurity professional who excels at building trusted relationships, communicating with both technical and executive stakeholders, and independently driving complex initiatives to successful completion.

The ideal candidate thrives in a fast-paced environment, embraces ownership and accountability, and consistently delivers high-quality work while balancing customer needs with federal security and privacy requirements. In this role, you will serve as a trusted advisor to government customers while leading information security, privacy, and Governance, Risk, and Compliance (GRC) activities to ensure federal systems remain secure, compliant, and mission-ready.

Responsibilities:
  • Lead and support information system security responsibilities throughout the Risk Management Framework (RMF) lifecycle, including Authorization to Operate (ATO), continuous monitoring, and integration of security, privacy, and legal requirements.
  • Develop, maintain, and present security authorization packages and supporting documentation in accordance with client requirements and NIST SP 800-53, including SSPPs, RARs, SAPs, SARs, POA&Ms, contingency and incident response plans, SOPs, configuration management plans, STIG deviations, and related artifacts.
  • Own security and privacy initiatives from planning through completion by proactively managing tasks, driving remediation efforts, validating corrective actions, and ensuring deliverables are completed accurately and on schedule.
  • Perform security and privacy risk assessments, analyze vulnerability scan results, recommend risk-based solutions, and support continuous monitoring activities across applications, infrastructure, and databases.
  • Serve as a trusted cybersecurity advisor to Contracting Officer Representatives (CORs), system owners, business stakeholders, and technical teams by communicating complex security and privacy requirements clearly, professionally, and with a customer-focused approach.
  • Develop, coordinate, test, and maintain contingency planning, incident response, privacy, and continuity activities, including PTAs, PIAs, HVA support, privacy training, and privacy-by-design integration throughout the System Development Life Cycle (SDLC).
  • Develop and maintain privacy policies, directives, SOPs, and operational guidance while ensuring compliance with applicable federal privacy laws, OMB guidance, NIST publications, CJIS Security Policy, and Legislative Branch requirements.
  • Build strong cross-functional relationships while managing multiple concurrent priorities in a fast-paced environment, identifying process improvements, and maintaining exceptional attention to detail across all security and compliance activities.
  • Coordinate with internal and external stakeholders to support audits, agency data calls, reporting requirements, asset inventories, and other compliance initiatives.


Qualifications

Required:
  • Bachelor's degree and at least four (4) years of relevant experience supporting cybersecurity, information assurance, or Governance, Risk, and Compliance (GRC) activities within the NIST Risk Management Framework (RMF) lifecycle.
    • High school diploma with 8 years of experience in Functional Responsibility area may be substituted for a Bachelor's Degree
    • PMP, ISO 27001, or CISM certifications equate to 3 years of experience in Functional Responsibility each
    • ITIL, CISSP, or other relevant IT management certifications equate to 2 years of general experience each
  • Knowledge of and proficiency in federal government privacy programs, including the Privacy Act of 1974, the E-Government Act of 2002, and related federal privacy laws and regulations.
  • Demonstrated understanding of information privacy principles, including information access, release of information, and implementation of privacy controls for electronic and non-electronic information.
  • Experience supporting Cybersecurity Awareness Training (CSAT) privacy initiatives, including training development, effectiveness evaluation, and privacy awareness programs.
  • Experience with HR privacy and behavioral privacy considerations related to workforce data and monitoring activities.
  • Thorough knowledge of FISMA, NIST RMF, Security and Privacy Assessment & Authorization (SPA&A), NIST publications, OMB circulars and memoranda, and CNSS guidance.
  • Strong written and verbal communication skills with experience developing technical documentation, presenting complex security and privacy concepts to technical and non-technical audiences, and building trusted relationships with Contracting Officer Representatives (CORs), government leadership, and cross-functional stakeholders.
  • Demonstrated ability to lead end-to-end security and compliance initiatives by proactively managing competing priorities, driving deliverables to completion, and exercising sound judgment in a fast-paced, customer-focused environment.
  • Highly organized, detail-oriented, and self-motivated with strong analytical and critical thinking skills, a commitment to producing audit-ready documentation, and the ability to identify process improvements while balancing customer service with regulatory compliance.

Desired:
  • CRISC, CAP, CISSP, or equivalent
  • Experience with FedRAMP and cloud service providers
  • Experience with CSAM and ServiceNow
  • Experience with vulnerability assessment tools such as Nessus and/or Qualys
  • Policy writing background is highly preferred

Clearance:
  • US Citizen with Public Trust eligibility required

Location:
  • On-site in DC, minimal remote flexibility


About Tyto Athene

Compensation:
  • Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically between $105,000-$120,000. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:
  • Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.


Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.

At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?

Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.
group id: 91085617
Find Tyto Athene, LLC on Social Media
Network Employers
user avatar
About Us
At Tyto Athene, we harness the power of technology to provide solutions that shape the future. With over 50 years of experience providing mission-focused digital transformation, our team of experts offers a broad range of expertise in four major technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. We connect people with technologies to seamlessly integrate and manage systems to provide the greatest value to Defense, National Security, Space, Intelligence, and Public Safety for the people who matter the most. To learn more about our mission, visit us at: www.gotyto.com
job ad2 image

Tyto Athene, LLC Jobs


Job Category
IT - Security
Clearance Level
Public Trust